WordPress.org

Ready to get started?Download WordPress

Forums

xmlrpc.php is used to attack the website (4 posts)

  1. sadish
    Member
    Posted 8 years ago #

    I am not sure if I am explaining this the right way.

    My Hosting company locked my websites up, and when I contacted them, they said, "we are seeing attacks on the web space, using the xmlrpc.php file you got in there." and then they also showed the access log where it was being hit several times from one IP.

    Now they want me to remove the file, so I can continue to host my website with them.

    What exactly is the problem ? is it fixed in wp 1.5.2 ?
    Please let me know what I should do.
    Thanks.

  2. Mark (podz)
    Support Maven
    Posted 8 years ago #

    If you are not running 1.5.2 then yes, there are risks.
    Upgrade !

  3. sadish
    Member
    Posted 8 years ago #

    Thanks Podz.
    I Upgraded !

  4. whooami
    Member
    Posted 8 years ago #

    Good job on upgrading :) Its worth mentioning that upgrading fills the hole but wont neccessarily keep people from trying. All of the various xml-rpc problems are well documented and scripts, exploit checkers are readily available. Your host may or may not see a decrease in attempts to exploit a security issue.

Topic Closed

This topic has been closed to new replies.

About this Topic